Back

Configure the "disable system when on audit log is full" setting to organizational standards.


CONTROL ID
09945
CONTROL TYPE
Configuration
CLASSIFICATION
Preventive

SUPPORTING AND SUPPORTED CONTROLS



This Control directly supports the implied Control(s):
  • Configure Red Hat Enterprise Linux to Organizational Standards., CC ID: 08713

There are no implementation support Controls.


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH



  • Ensure system is disabled when audit logs are full Description: The `auditd` daemon can be configured to halt the system when the audit logs are full. Rationale: In high security contexts, the risk of detecting unauthorized access or nonrepudiation exceeds the benefit of the system's availability. R… (4.1.2.5, CIS Amazon Linux 2 Benchmark, v.2.0.0, Level 2)
  • Title: Disable System on Audit Log Full Description: The auditd daemon can be configured to halt the system when the audit logs are full. Rationale: In high security contexts, the risk of detecting unauthorized access or nonrepudiation exceeds the benefit of the system's availability. Fix Text: … (Rule: xccdf_org.cisecurity.benchmarks_rule_4.2.1.2_Disable_System_on_Audit_Log_Full Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_4.2.1.2.1_, The Center for Internet Security CentOS 6 Level 2 Benchmark, 1.0.0)
  • Title: Disable System on Audit Log Full Description: The auditd daemon can be configured to halt the system when the audit logs are full. Rationale: In high security contexts, the risk of detecting unauthorized access or nonrepudiation exceeds the benefit of the system's availability. Fix Text: … (Rule: xccdf_org.cisecurity.benchmarks_rule_4.2.1.2_Disable_System_on_Audit_Log_Full Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_4.2.1.2.2_, The Center for Internet Security CentOS 6 Level 2 Benchmark, 1.0.0)
  • Title: Disable System on Audit Log Full Description: The auditd daemon can be configured to halt the system when the audit logs are full. Rationale: In high security contexts, the risk of detecting unauthorized access or nonrepudiation exceeds the benefit of the system's availability. Fix Text: … (Rule: xccdf_org.cisecurity.benchmarks_rule_4.2.1.2_Disable_System_on_Audit_Log_Full Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_4.2.1.2.3_, The Center for Internet Security CentOS 6 Level 2 Benchmark, 1.0.0)
  • Title: Disable System on Audit Log Full Description: The auditd daemon can be configured to halt the system when the audit logs are full. Rationale: In high security contexts, the risk of detecting unauthorized access or nonrepudiation exceeds the benefit of the system's availability. Fix Tex… (Rule:xccdf_org.cisecurity.benchmarks_rule_5.2.1.2_Disable_System_on_Audit_Log_Full Artifact Expression:xccdf_org.cisecurity.benchmarks_ae_5.2.1.2.1_, The Center for Internet Security Red Hat Enterprise Linux 6 Level 2 Benchmark, 1.2.0)
  • Title: Disable System on Audit Log Full Description: The auditd daemon can be configured to halt the system when the audit logs are full. Rationale: In high security contexts, the risk of detecting unauthorized access or nonrepudiation exceeds the benefit of the system's availability. Fix Tex… (Rule:xccdf_org.cisecurity.benchmarks_rule_5.2.1.2_Disable_System_on_Audit_Log_Full Artifact Expression:xccdf_org.cisecurity.benchmarks_ae_5.2.1.2.2_, The Center for Internet Security Red Hat Enterprise Linux 6 Level 2 Benchmark, 1.2.0)
  • Title: Disable System on Audit Log Full Description: The auditd daemon can be configured to halt the system when the audit logs are full. Rationale: In high security contexts, the risk of detecting unauthorized access or nonrepudiation exceeds the benefit of the system's availability. Fix Tex… (Rule:xccdf_org.cisecurity.benchmarks_rule_5.2.1.2_Disable_System_on_Audit_Log_Full Artifact Expression:xccdf_org.cisecurity.benchmarks_ae_5.2.1.2.3_, The Center for Internet Security Red Hat Enterprise Linux 6 Level 2 Benchmark, 1.2.0)
  • Title: Disable System on Audit Log Full Description: The auditd daemon can be configured to halt the system when the audit logs are full. Rationale: In high security contexts, the risk of detecting unauthorized access or nonrepudiation exceeds the benefit of the system's availability. … (Rule: xccdf_org.cisecurity.benchmarks_rule_8.1.1.2_Disable_System_on_Audit_Log_Full Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_8.1.1.2.1_, The Center for Internet Security Ubuntu 12.04 LTS Level 2 Benchmark, v1.0.0)
  • Title: Disable System on Audit Log Full Description: The auditd daemon can be configured to halt the system when the audit logs are full. Rationale: In high security contexts, the risk of detecting unauthorized access or nonrepudiation exceeds the benefit of the system's availability. … (Rule: xccdf_org.cisecurity.benchmarks_rule_8.1.1.2_Disable_System_on_Audit_Log_Full Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_8.1.1.2.2_, The Center for Internet Security Ubuntu 12.04 LTS Level 2 Benchmark, v1.0.0)
  • Title: Disable System on Audit Log Full Description: The auditd daemon can be configured to halt the system when the audit logs are full. Rationale: In high security contexts, the risk of detecting unauthorized access or nonrepudiation exceeds the benefit of the system's availability. … (Rule: xccdf_org.cisecurity.benchmarks_rule_8.1.1.2_Disable_System_on_Audit_Log_Full Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_8.1.1.2.3_, The Center for Internet Security Ubuntu 12.04 LTS Level 2 Benchmark, v1.0.0)
  • Ensure system is disabled when audit logs are full Description: The `auditd` daemon can be configured to halt the system when the audit logs are full. Rationale: In high security contexts, the risk of detecting unauthorized access or nonrepudiation exceeds the benefit of the system's availability. R… (4.1.2.3, CIS Oracle Linux 8 Benchmark, Server Level 2, v1.0.1)